"In security, you want to be the best. There aren't many customers out there that will brag they have the second-best security solution," says Mark Levine, managing director with Core Capital in Washington, D.C.
Benefits of bringing in a reputable IT consulting firm:
- Gain time to focus on core business functions
- Tap economies of scale and purchasing power
- Access to highly specialized talent
- Reduce downtime
- Get a technology edge over your competitors
- Increase productivity through smart use of technology
Below are some top notch companies to consider; they include both new ones with revolutionary technology as well as those with security as the core of their established product/service lines:
What the company offers: This email security service will block fake emails, a valuable means for cutting down on successful phishing attacks, but the company gets a leg up because it has support for its portal from AOL, Google, Microsoft and Yahoo, which will be put in place for their customers. Millions of customers will be using it without knowing it.
What the company offers: There are lots of content-delivery networks, but this one offers a significant number of services free, weeding out bad traffic to websites, mitigating DDoS attacks and in the process cutting load times, on average, in half.
What the company offers: CO3 fills an ever-increasing need: how to respond quickly to all the legal reporting requirements that come into play after a business suffers a data loss.
What the company offers: Intrusion detection is a must-have in any layered network defense, and Emerging Threats Pro is weaving its way into the fabric of open source intrusion detection software, with the company's CEO Matt Jonkman as the driving force.
What the company offers: As mobile devices increasingly make their way into corporate networks, it becomes more important to make sure they comply with security policies and stay that way.
What the company offers: You can't have enough factors in multi-factor authentication, and Universal Security Registry is boosting the number to three-plus.
- BIT ARMOR SYSTEMS (Now Trustwave)
What the company offers: BitArmor Security Suite, software that lets IT protect and manage the life cycle of stored data. The product eliminates the need for public key infrastructure-based key management through a proprietary, automated approach. In addition to encrypting data, BitArmor lets administrators create policies for data storage and retention. Policy management is a growing issue with encrypted data.
What the company offers: Unomi, a risk-management software service for cognitive authentication: the process of evaluating user behavior during the online authentication process by tracking input-device responses to various questions. With Unomi, Cogneto is seeking to use academic research on cognitive psychology, behavioral biometrics and online behavior for a real-time analysis of risk based on a score of 1 to 100.
What the company offers: The Mobio handheld device supports multiple strong authentication methods, including encryption-generated one-time passwords, VPN methods, a fingerprint scanner that can convert this biometric into a biocode number, plus a wireless-based door reader for physical access. The Cryptolex Universal ID System has a back-end software library for building an authentication server on Unix-, Linux- or Windows-based computers. Specialized applications bundled with the product allow for Cryptolex-based authentication on PDAs and laptops, network access, and physical-access control. Combining support for multiple strong authentication types in a small handheld device would be convenient at companies and government agencies with highly mobile users.
What the company offers: Antispam, antivirus and denial-of-service protection software at the mail-server and gateway levels, whose unique technology catches the malformed e-mails where viruses hide. This gives customers a new approach to zero-day protection. Not as much a start-up as a reinvented company, Declude was founded six years ago but has tapped just 2% of the market because its original e-mail security product was designed to work only with IMail and SmarterMail mail servers. In September the company released Declude Interceptor, a version that sits at the gateway, thus opening up the potential user base substantially.
What the company offers: SocketShield, desktop software for scanning network streams and intercepting and blocking exploit attack code against desktop machines, such as drive-by downloads. SocketShield focuses on real-time protection against exploits, crimeware and other zero-day threats to prevent vulnerability-targeting malware being installed on unpatched PCs. An exploit is a bit of code that's used to force another bit of code (usually with a malicious intent) to run.
What the company offers: VPN client on a USB token. KoolSpan's SecureEdge tokens set up a Layer 2 VPN that uses two-factor authentication and per-packet encryption keying, both extremely secure methods. SecureEdge eliminates the problem of installing and maintaining client software on remote PCs by supplying all the software needed within the token itself. Plus, it automatically provides two-factor authentication, something that generally requires a separate infrastructure.
What the company offers: Secure remote control of PCs and servers; the only remote control appliance that enables help desk sessions and collaboration. The company started with a simple mission - to speed up resolution of help desk calls - and has made the process more secure by putting all the technology in the customer's hands, not the service provider's. Also, it uses no client software, so the remote machine cannot be taken over via NetworkStreaming's SupportDesk platform unless the user initiates a session.
What the company offers: Software for Windows and Linux servers and desktops to protect against malware by taking a cryptographic-based snapshot of applications so that unauthorized changes can't be made. The approach could play a role in containing and mitigating the spread of malware infestations.
What the company offers: What's more secure than e-mail that doesn't leave a trace? VaporStream is a Web-based service that lets two parties communicate with their standard e-mail addresses; the message is transmitted as an encrypted image, and browsers on each end are instructed not to cache it, so there is no record. Instead of jumping through all sorts of technical hoops to secure e-mail communications, the service simply vaporizes them. "You can trust that once you read a message it is gone," boasts the company Web site. Void is attempting to bring privacy back to electronic communications. The security that VaporStream offers represents a breakthrough in simplicity - sorely needed in the realm of security technology - but the company may have a tough time convincing enterprises that making e-mails disappear is the best way to communicate. Most likely the service will find niche markets that can take advantage of this simplicity without being concerned about the consequences associated with not archiving an e-mail message.
What the company offers: Yoggie Gatekeeper, a gateway that protects laptops on the road so they're as secure as PCs in the corporate office. Most mobile-client security measures require running several security applications and agents on the laptop, making them dependent on the security capabilities of the underlying Windows operating system. As a separate, inline appliance, Yoggie offloads the security software stack from the laptop and sidesteps Windows.
Research and ReviewEdit
This is not an exhaustive list of companies to choose from. It is recommended that you review any company before hire and shop around in order to add the most overall value to your firm. A good site for reviews of company and service is GlassDoor or simply Google. Some good magazines to review include, but are not limited to: NetWorkWorld, SCmagazine, TechTarget, and InSecure magazine.